Released flexVDI Manager 3.1.13

Another security release.

  • Includes logback 1.2.9 that fixes the low severity vulnerability CVE-2021-42550. Exploiting this vulnerability requires the attacker being able to write to the logging.xml config file of the flexVDI Manager appliance.
  • We have removed the write permission of logging.xml file even for the file owner, in flexvdi Manager appliances being updated. In 3.1.12 the permission change affected only new installations.

flexVDI Manager is available for update running flexvdi-config command on the host where the current manager is running. Instructions are available here. Also it can be manually downloaded from portal.flexvdi.com, for servers not connected to the internet.

Leave a Reply

Your email address will not be published. Required fields are marked *